1

I have a C++ DLL that I have to secure. I mean my problem is that when I use a decompiler, I can see my functions names and then that's easy to reverse.

So my question is : how can I secure my code to hide the functions names, variable etc.. to prevent reverse engineering ? I've been looking for obfuscation but never found solution for native C++ code (only managed code).

Thanks.

sa.l_dev
  • 189
  • 1
  • 10
  • 1
    Could you show for us your code? –  Dec 03 '15 at 15:46
  • Possible duplicate of [Protecting executable from reverse engineering?](http://stackoverflow.com/questions/6481668/protecting-executable-from-reverse-engineering). See http://stackoverflow.com/questions/1025494/obfuscating-c-c-code – Pixelchemist Dec 03 '15 at 15:48
  • What environment are you targeting and what compiler are you using? What compiler options are you using? If a decompiler is able to re-build your c++ functions from the machine code (names and all), the function names must be included somewhere in the compiled assembly. This is surprising to me because I imagine any reasonably robust optimizing compiler would change the names beyond recognition in order to reduce the size of the compiled assembly, and improve program load time. – bfair Dec 03 '15 at 15:57
  • @dogjones If functions are being loaded from DLLs then the compiler usually has no choice but embed those names as-is in the executable. – Carey Gregory Dec 03 '15 at 22:19
  • Ah, I see. I thought OP was asking how to prevent people from reverse engineering the underlying structure of his DLL. Obfuscating the names of functions you intend to expose to library users seems like a waste of time to me... – bfair Dec 04 '15 at 15:49
  • @dogjones Indeed, that would accomplish nothing and be highly annoying to the users of your library. – Carey Gregory Dec 04 '15 at 22:42

2 Answers2

2

You can use the preprocessor for this. For example, just build a list of all your function names and give them useless names, like this:

#define FunctionFoo  f1
#define FunctionBar  f2
etc

In your source you will continue to call functions by their real names (FunctionFoo, etc) but when compiled all that will be left is meaningless names like f1, f2, etc.

Carey Gregory
  • 6,836
  • 2
  • 26
  • 47
  • Good strategy for a small program, but not practical for a large one, or one that has functions added often. – Mark Ransom Dec 03 '15 at 16:55
  • 1
    @MarkRansom: If all your substitute names match a simple regex, then you can add a post-build step that dumps exports and checks for any that aren't substituted yet. If you also you put these into a separate header file `#include`d from the main one, then automatically updating the substitution list is only a trivial amount of additional work. – Ben Voigt Dec 03 '15 at 18:02
-1

Could you write a script that goes through the .cpp and .h files and makes function names some random gibberish?

If the function names are the ones giving it away, write a little program that inspects text files (before compiling them) and changes all the function names.

I don't know if that will help or not, but it will at least hide the names.

Matthew
  • 3,886
  • 7
  • 47
  • 84
  • 2
    "a script that goes through the .cpp and .h files and makes function names some random gibberish" / "a little program that inspects text files (before compiling them) and changes all the function names" is called the C++ preprocessor. – Ben Voigt Dec 03 '15 at 15:42
  • Ah. Question, aren't the original function names saved in the .h files though? – Matthew Dec 03 '15 at 15:46
  • 1
    (1) It's possible to save the result of preprocessing, but more importantly (2) People with the header file aren't the ones you are trying to hide the function names from. They have to know the function semantics in order to correctly write the code that calls them. It's people with binaries alone, no source code, headers or otherwise, that obfuscation helps against. Just put the obfuscation rules into the header file, and then people programming against the DLL can do so using the meaningful names, but their binaries and the DLL will both use the substitutes. – Ben Voigt Dec 03 '15 at 15:49